Skip to content

Commit 0b18b81

Browse files
gclerouxgcleroux
committed
add support for wildcard hostname on every resource
1 parent 96183e4 commit 0b18b81

File tree

4 files changed

+84
-22
lines changed

4 files changed

+84
-22
lines changed

charts/k8s-gateway/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,8 +2,8 @@ apiVersion: v2
22
name: k8s-gateway
33
description: A fork of the k8s_gateway CoreDNS plugin with added functionalities
44
type: application
5-
version: 3.3.0
6-
appVersion: 0.8.0
5+
version: 3.4.0
6+
appVersion: 0.9.0
77
maintainers:
88
- email: guillaume@pinax.network
99
name: Guillaume

charts/k8s-gateway/values.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
image:
22
registry: ghcr.io
33
repository: pinax-network/k8s_gateway
4-
tag: v0.8.0
4+
tag: v0.9.0
55
pullPolicy: IfNotPresent
66

77
# Delegated domain

cmd/coredns.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ var dropPlugins = map[string]bool{
1616
"k8s_external": true,
1717
}
1818

19-
const pluginVersion = "0.8.0"
19+
const pluginVersion = "0.9.0"
2020

2121
func init() {
2222
var directives []string

kubernetes.go

Lines changed: 80 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -574,12 +574,19 @@ func challengeHostnameIndexFunc(obj interface{}) ([]string, error) {
574574
}
575575

576576
func checkServiceHostnameAnnotation(annotation string, service *core.Service) (string, bool) {
577+
var res string
578+
577579
if annotationValue, exists := service.Annotations[annotation]; exists {
580+
// Looking for wildcard hostname
581+
if strings.HasPrefix(annotationValue, "*.") {
582+
res = "*."
583+
annotationValue = strings.TrimPrefix(annotationValue, "*.")
584+
}
578585
// checking the hostname length limits
579586
if _, ok := dns.IsDomainName(annotationValue); ok {
580587
// checking RFC 1123 conformance (same as metadata labels)
581588
if valid := isdns1123Hostname(annotationValue); valid {
582-
return strings.ToLower(annotationValue), true
589+
return res + strings.ToLower(annotationValue), true
583590
} else {
584591
log.Infof("RFC 1123 conformance failed for FQDN: %s", annotationValue)
585592
}
@@ -630,8 +637,21 @@ func lookupServiceIndex(ctrl cache.SharedIndexInformer) func([]string) []interfa
630637
return func(indexKeys []string) (result []interface{}) {
631638
var objs []interface{}
632639
for _, key := range indexKeys {
633-
obj, _ := ctrl.GetIndexer().ByIndex(serviceHostnameIndex, strings.ToLower(key))
640+
key := strings.ToLower(key)
641+
642+
obj, _ := ctrl.GetIndexer().ByIndex(serviceHostnameIndex, key)
634643
objs = append(objs, obj...)
644+
645+
for len(objs) == 0 {
646+
_, after, found := strings.Cut(key, ".")
647+
if !found {
648+
// No more wildcard recursion
649+
break
650+
}
651+
key = after
652+
obj, _ := ctrl.GetIndexer().ByIndex(serviceHostnameIndex, "*."+key)
653+
objs = append(objs, obj...)
654+
}
635655
}
636656
log.Debugf("Found %d matching Service objects", len(objs))
637657
for _, obj := range objs {
@@ -665,8 +685,21 @@ func lookupVirtualServerIndex(ctrl cache.SharedIndexInformer) func([]string) []i
665685
return func(indexKeys []string) (result []interface{}) {
666686
var objs []interface{}
667687
for _, key := range indexKeys {
668-
obj, _ := ctrl.GetIndexer().ByIndex(virtualServerHostnameIndex, strings.ToLower(key))
688+
key := strings.ToLower(key)
689+
690+
obj, _ := ctrl.GetIndexer().ByIndex(virtualServerHostnameIndex, key)
669691
objs = append(objs, obj...)
692+
693+
for len(objs) == 0 {
694+
_, after, found := strings.Cut(key, ".")
695+
if !found {
696+
// No more wildcard recursion
697+
break
698+
}
699+
key = after
700+
obj, _ := ctrl.GetIndexer().ByIndex(virtualServerHostnameIndex, "*."+key)
701+
objs = append(objs, obj...)
702+
}
670703
}
671704
log.Debugf("Found %d matching VirtualServer objects", len(objs))
672705
for _, obj := range objs {
@@ -688,8 +721,21 @@ func lookupHttpRouteIndex(http, gw cache.SharedIndexInformer) func([]string) []i
688721
return func(indexKeys []string) (result []interface{}) {
689722
var objs []interface{}
690723
for _, key := range indexKeys {
691-
obj, _ := http.GetIndexer().ByIndex(httpRouteHostnameIndex, strings.ToLower(key))
724+
key := strings.ToLower(key)
725+
726+
obj, _ := http.GetIndexer().ByIndex(httpRouteHostnameIndex, key)
692727
objs = append(objs, obj...)
728+
729+
for len(objs) == 0 {
730+
_, after, found := strings.Cut(key, ".")
731+
if !found {
732+
// No more wildcard recursion
733+
break
734+
}
735+
key = after
736+
obj, _ := http.GetIndexer().ByIndex(httpRouteHostnameIndex, "*."+key)
737+
objs = append(objs, obj...)
738+
}
693739
}
694740
log.Debugf("Found %d matching httpRoute objects", len(objs))
695741

@@ -707,8 +753,21 @@ func lookupTLSRouteIndex(tls, gw cache.SharedIndexInformer) func([]string) []int
707753
return func(indexKeys []string) (result []interface{}) {
708754
var objs []interface{}
709755
for _, key := range indexKeys {
710-
obj, _ := tls.GetIndexer().ByIndex(tlsRouteHostnameIndex, strings.ToLower(key))
756+
key := strings.ToLower(key)
757+
758+
obj, _ := tls.GetIndexer().ByIndex(tlsRouteHostnameIndex, key)
711759
objs = append(objs, obj...)
760+
761+
for len(objs) == 0 {
762+
_, after, found := strings.Cut(key, ".")
763+
if !found {
764+
// No more wildcard recursion
765+
break
766+
}
767+
key = after
768+
obj, _ := tls.GetIndexer().ByIndex(tlsRouteHostnameIndex, "*."+key)
769+
objs = append(objs, obj...)
770+
}
712771
}
713772
log.Debugf("Found %d matching tlsRoute objects", len(objs))
714773

@@ -726,8 +785,21 @@ func lookupGRPCRouteIndex(grpc, gw cache.SharedIndexInformer) func([]string) []i
726785
return func(indexKeys []string) (result []interface{}) {
727786
var objs []interface{}
728787
for _, key := range indexKeys {
729-
obj, _ := grpc.GetIndexer().ByIndex(grpcRouteHostnameIndex, strings.ToLower(key))
788+
key := strings.ToLower(key)
789+
790+
obj, _ := grpc.GetIndexer().ByIndex(grpcRouteHostnameIndex, key)
730791
objs = append(objs, obj...)
792+
793+
for len(objs) == 0 {
794+
_, after, found := strings.Cut(key, ".")
795+
if !found {
796+
// No more wildcard recursion
797+
break
798+
}
799+
key = after
800+
obj, _ := grpc.GetIndexer().ByIndex(grpcRouteHostnameIndex, "*."+key)
801+
objs = append(objs, obj...)
802+
}
731803
}
732804
log.Debugf("Found %d matching grpcRoute objects", len(objs))
733805

@@ -741,11 +813,7 @@ func lookupGRPCRouteIndex(grpc, gw cache.SharedIndexInformer) func([]string) []i
741813
}
742814
}
743815

744-
func lookupGateways(
745-
gw cache.SharedIndexInformer,
746-
refs []gatewayapi_v1.ParentReference,
747-
ns string,
748-
) (result []interface{}) {
816+
func lookupGateways(gw cache.SharedIndexInformer, refs []gatewayapi_v1.ParentReference, ns string) (result []interface{}) {
749817
for _, gwRef := range refs {
750818

751819
if gwRef.Namespace != nil {
@@ -769,10 +837,6 @@ func lookupIngressIndex(ctrl cache.SharedIndexInformer) func([]string) []interfa
769837
var objs []interface{}
770838
for _, key := range indexKeys {
771839
key := strings.ToLower(key)
772-
// Ingress is not responsible for _acme-challenge.* FQDN
773-
if strings.HasPrefix(key, "_acme-challenge.") {
774-
continue
775-
}
776840

777841
obj, _ := ctrl.GetIndexer().ByIndex(ingressHostnameIndex, key)
778842
objs = append(objs, obj...)
@@ -881,9 +945,7 @@ func fetchServiceLoadBalancerIPs(ingresses []core.LoadBalancerIngress) (results
881945
return
882946
}
883947

884-
func fetchIngressLoadBalancerIPs(
885-
ingresses []networking.IngressLoadBalancerIngress,
886-
) (results []interface{}) {
948+
func fetchIngressLoadBalancerIPs(ingresses []networking.IngressLoadBalancerIngress) (results []interface{}) {
887949
for _, address := range ingresses {
888950
if address.Hostname != "" {
889951
log.Debugf("Looking up hostname %s", address.Hostname)

0 commit comments

Comments
 (0)